Leveraging the cloud
Getting the most bang for your buck
Nate Lindstrom
Director of Network Operations
  in/nwlindstrom
salesforce desk
We make it easy for you to support customers right from the browser, via email, phone, chat, web, Facebook, and Twitter
We provide a hosted, cloud-based SaaS help desk platform for SMB
Cloudy Change Management
Trust but verify
Process requirements
Formal, documented change management
ISO 27001 compliance
SOX section 404 compliance
Safe Harbor certification
Single file change process
[Flow diagram. Top row: RFC created, Make pull request, SME reviews request, RFC closed. Lower row: Change applied to staging, ✓ Effects observed, Change applied to production, FIM updated.]
Changes can be made rapidly and safely
Unauthorized changes reverted by the CMS or flagged by CloudPassage Halo FIM
Under the hood
Chicken-and-egg problem for new instances
Puppet determines role based on hostname
Hostname isn’t set on new instances
How we start instances
[Diagram labels: Script, AMI, Name=web01.desk.com, web01.desk.com, ip-10-20-30-40.us-west-1.compute.internal, Puppet, nginx]
node /^web\d+\.desk\.com$/ inherits production_app { include web }
How we monitor instances
[Diagram labels: web01.desk.com, cron, S3 Bucket]
Effective monitoring
Icinga is the most comprehensive open source monitoring solution available
Secret change process
[Flow diagram. Top row: RFC created, Make pull request, SME reviews request, RFC closed. Lower row: Change applied to production, FIM updated.]
“Secret” as in production secrets, like passwords
Under the hood
Storing production secrets in plain text is bad
Sending decryption key over same channel as encrypted data is bad
Secure repositories
[Diagram labels: TechOps, Everyone; Full Access, Pull Request Only; Puppet git Repo, Prod Credentials (GnuPG), Non-Prod Credentials (GnuPG)]
Secure distribution
[Diagram labels: Puppet git Repo, git, GnuPG Key, AMI, Secrets, Instance, Puppet, Credentials]
What the cloud means to us
More typing, less driving
Physical asset tracking
If you came to doubt the accuracy of your CMDB, you could always fall back on a physical inventory
Almost always, anyway
Virtual asset tracking
When you don’t have any physical assets it’s even easier to “lose” instances
“Lost” instances can silently consume big $$$
How an instance can be lost
Provisioning script loses connectivity during launch
Instance fails to upload existence information to S3
[Diagram labels: Provisioning Script, Instance, S3 Bucket, CMDB; arrows: Launches, Uploads, Updates]
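An added example (not from the original slides): one way to catch both failure modes above is to reconcile the provider's own instance listing against the S3 existence records and the CMDB. The data shapes, thresholds and instance ids are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone


def reconcile(running, s3_checkins, cmdb_ids, now,
              grace=timedelta(minutes=15), max_silence=timedelta(hours=2)):
    """Compare three views of the fleet and report where they disagree.

    running      -- dict instance_id -> launch time, from the provider listing
                    (this is what is actually being billed)
    s3_checkins  -- dict instance_id -> time of last existence upload to S3
    cmdb_ids     -- set of instance ids the CMDB believes exist
    Returns a dict of sorted instance-id lists, one per finding type.
    """
    unregistered, silent = [], []
    for instance_id, launched in running.items():
        if now - launched < grace:
            continue  # still bootstrapping; too early to judge
        # Launched but never recorded: the provisioning script lost
        # connectivity before it could register the instance.
        if instance_id not in cmdb_ids:
            unregistered.append(instance_id)
        # Running but not reporting: the existence upload to S3 failed
        # or stopped.
        last_seen = s3_checkins.get(instance_id)
        if last_seen is None or now - last_seen > max_silence:
            silent.append(instance_id)
    return {
        "unregistered": sorted(unregistered),
        "silent": sorted(silent),
        # The CMDB lists something the provider no longer runs.
        "stale_cmdb": sorted(set(cmdb_ids) - set(running)),
    }


# Constructed sample data (not real instance ids or timestamps).
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
RUNNING = {
    "i-aaa01": NOW - timedelta(days=3),      # healthy
    "i-bbb02": NOW - timedelta(days=2),      # launch was interrupted
    "i-ccc03": NOW - timedelta(days=1),      # stopped uploading to S3
    "i-ddd04": NOW - timedelta(minutes=5),   # just launched
}
S3_CHECKINS = {
    "i-aaa01": NOW - timedelta(minutes=10),
    "i-ccc03": NOW - timedelta(hours=5),
}
CMDB_IDS = {"i-aaa01", "i-ccc03", "i-eee05"}  # i-eee05 was terminated


def sample_report():
    """Run the reconciliation over the constructed sample above."""
    return reconcile(RUNNING, S3_CHECKINS, CMDB_IDS, NOW)


if __name__ == "__main__":
    for finding, ids in sample_report().items():
        print(f"{finding}: {ids}")
```

The `grace` window keeps freshly launched instances from being reported before they have had a chance to register and check in.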
Minimizing lost instances

Your CMDB may not see your lost instances consuming $$$, but Cloudyn does
Cloudyn makes it easy to maintain an efficient and lean cloud presence
JIT capacity
Let your servers order more servers
Auto Scale architecture
Everything should scale horizontally
Auto Scale in action
Loosely-coupled tiers provide greatest flexibility
Scale up quickly, scale down slowly
[Diagram labels: ELB, Web (seven instances), ELB, App (six instances); Traffic Increasing, Traffic Decreasing]
Auto Scaling control
Scalr makes managing dynamic environments in the cloud easy and painless
Whole-unit troubleshooting
Don’t sweat the small stuff
Think in clusters
 If one instance is having problems, replace it
 If many instances are having problems, dig deeper
 Use the 1, 2, 3 rule for determining response


[Diagram labels: ELB, five instances]
Architecting for failure
Build it to land gracefully
Expect failure
  Make use of regions and availability zones
  Avoid storing sessions on any one server
  The cloud is inherently unreliable, but your app doesn’t need to be
[Diagram labels: AWS; us-west-1, us-east-1; us-west-1a, us-west-1b]
Security awareness
False security is worse than no security
Cloud isn’t private
 Multitenancy means the cloud is never truly private
 Build security in from the very beginning
 Apply defense in depth


[Diagram labels: Internet, ELB, Web, ELB, App, DB]
Security groups are limited
An instance’s security groups cannot ever be changed
Security groups can only limit inbound (ingress) traffic
Security groups cannot restrict outbound (egress) traffic
Comprehensive security
CloudPassage Halo allows the implementation of comprehensive security with minimal effort
The cloud...
Is not a data center
Is only as secure as you make it
Is very expensive if not managed well
Works best with lots and lots of little servers
Will occasionally fail
Thank you!

Leveraging the Cloud - Getting the Most Bang for your Buck ( presentation by Salesforce on optimizing AWS costs )
